import { getAuthDetails, lookupUserAttributes } from "libs/api/auth/user";
import { response } from "libs/handler-lib";
import { StateAccess } from "react-app/src/api";
import { APIGatewayEvent } from "shared-types";
 
import {
  getAllUserRoles,
  getAllUserRolesByEmail,
  getAllUserRolesByState,
  getUserRolesWithNames,
} from "./userManagementService";
 
/**
 * Finds the first entry in `roles` whose `role` equals `roleName` and whose
 * `status` is "active".
 *
 * @param roles - Role records to search, in order.
 * @param roleName - Role identifier to match exactly.
 * @returns The first matching record, or `undefined` when none matches.
 */
const getActiveRole = (roles: StateAccess[], roleName: string) => {
  for (const candidate of roles) {
    if (candidate.role === roleName && candidate.status === "active") {
      return candidate;
    }
  }
  return undefined;
};
 
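/**
 * Returns the role requests that the calling user is permitted to see.
 *
 * Responses produced here:
 * - 400 when the event has no `requestContext`.
 * - 401 when `getAuthDetails` throws.
 * - 403 when the caller holds no active role among cmsroleapprover,
 *   systemadmin, helpdesk and statesystemadmin.
 * - 200 with the visible role requests (with names attached by
 *   `getUserRolesWithNames`).
 * - 500 when anything after authentication throws.
 *
 * Visibility is decided by sequential role checks that each assign the result
 * list, so for a caller holding several approver roles the last matching
 * check determines what is returned.
 *
 * @param event - API Gateway event for the request.
 * @returns The value produced by `response(...)` for the outcome above.
 */
export const getRoleRequests = async (event: APIGatewayEvent) => {
  // Reject invocations without a request context before any auth lookup.
  if (!event?.requestContext) {
    return response({
      statusCode: 400,
      body: { message: "Request context required" },
    });
  }

  // Any failure to extract auth details is treated as "not authenticated".
  let authDetails;
  try {
    authDetails = getAuthDetails(event);
  } catch (err) {
    console.error(err);
    return response({
      statusCode: 401,
      body: { message: "User not authenticated" },
    });
  }

  try {
    const { userId, poolId } = authDetails;
    const { email } = await lookupUserAttributes(userId, poolId);

    // Roles that grant access to this endpoint; only active ones count.
    const approverRoleNames = ["cmsroleapprover", "systemadmin", "helpdesk", "statesystemadmin"];

    // get all of the roles for the current user
    const userRoles = await getAllUserRolesByEmail(email);
    const approverRoles = userRoles.filter(
      (roleObj: StateAccess) =>
        approverRoleNames.includes(roleObj?.role) && roleObj?.status === "active",
    );

    // Authorization gate: callers without an active approver role get nothing.
    if (!approverRoles.length) {
      return response({
        statusCode: 403,
        body: { message: "User not authorized to approve roles" },
      });
    }

    const cmsRoleApprover = getActiveRole(approverRoles, "cmsroleapprover");
    const systemAdmin = getActiveRole(approverRoles, "systemadmin");
    const helpDesk = getActiveRole(approverRoles, "helpdesk");
    const stateSystemAdmin = getActiveRole(approverRoles, "statesystemadmin");

    let roleRequests: StateAccess[] = [];

    // NOTE(review): the three checks below are independent `if`s, not an
    // else-if chain. A caller who is both systemadmin and cmsroleapprover ends
    // up with the narrower cmsroleapprover view, and an additional
    // statesystemadmin role narrows it again. Confirm that this precedence is
    // the intended policy.
    if (systemAdmin || helpDesk) {
      roleRequests = await getAllUserRoles();
    }

    if (cmsRoleApprover) {
      roleRequests = await getAllUserRoles();
      // cmsroleapprovers can only see statesystemadmin requests
      roleRequests = roleRequests.filter((roleObj) => roleObj?.role === "statesystemadmin");
    }

    if (stateSystemAdmin) {
      // Scoped to the territory of the first active statesystemadmin record
      // found for the caller.
      // NOTE(review): if a user can hold this role for more than one
      // territory, only one territory is queried here; verify against the
      // data model.
      roleRequests = await getAllUserRolesByState(stateSystemAdmin?.territory);

      // statesystemadmins cannot update other statesystemadmin requests
      roleRequests = roleRequests.filter((roleObj) => roleObj?.role !== "statesystemadmin");
    }

    // filter out the current user from the role requests
    // NOTE(review): this is an exact string comparison. If stored emails can
    // differ in case from the looked-up attribute, the caller's own requests
    // would not be removed; confirm emails are normalized upstream.
    roleRequests = roleRequests.filter((adminRole) => adminRole?.email !== email);

    const roleRequestsWithName = await getUserRolesWithNames(roleRequests);

    return response({
      statusCode: 200,
      body: roleRequestsWithName,
    });
  } catch (err: unknown) {
    // Logged with console.error, like the authentication failure above, so
    // both failure paths are recorded the same way. The client only receives a
    // generic message.
    console.error("An error occurred: ", err);
    return response({
      statusCode: 500,
      body: { message: "Internal server error" },
    });
  }
};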
 
// Lambda entry point: `handler` is the same function as `getRoleRequests`.
export { getRoleRequests as handler };